Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/p1Qf6DB0j7AvDM6QfDgYCqMN4g8.roa
File: p1Qf6DB0j7AvDM6QfDgYCqMN4g8.roa (raw, json)
Hash identifier: AeAzlxQL8v94GaLHn8RtMPxEmh7Ml5NfIjwSWa72Fzw=
Subject key identifier: A7:54:1F:E8:30:74:8F:B0:2F:0C:CE:90:7C:38:18:0A:A3:0D:E2:0F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B714F7ADF0ED088E79B1535C8943EB934
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/p1Qf6DB0j7AvDM6QfDgYCqMN4g8.roa
Signing time: Fri 27 Oct 2023 13:25:16 +0000
ROA not before: Fri 27 Oct 2023 13:25:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 84.54.49.0/24 maxlen: 24
85.217.145.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
193.149.28.0/22 maxlen: 22
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
194.49.86.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:71:4f:7a:df:0e:d0:88:e7:9b:15:35:c8:94:3e:b9:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 27 13:25:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7541fe830748fb02f0cce907c38180aa30de20f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fe:40:3e:c9:9c:f4:27:a6:31:2b:0e:8a:73:
90:9f:bd:30:62:12:76:0a:11:50:9d:0a:68:56:b5:
89:bf:b7:a2:5f:a6:ac:df:ac:dd:d7:2d:a9:f8:fa:
30:2a:53:89:5d:05:43:d9:a0:3b:53:69:d9:28:6c:
f6:9b:53:28:b3:68:08:b9:ae:b0:42:14:39:da:20:
dc:3a:48:8d:2f:bd:42:9c:10:da:ae:b1:da:65:87:
66:c3:e0:14:df:59:99:0e:7f:74:8c:e8:32:c4:da:
33:f3:b1:67:3d:13:4a:4d:79:41:21:f7:0d:cf:98:
e6:82:5f:a2:7a:06:99:86:63:b6:20:29:2c:2b:43:
ed:63:e4:62:f7:55:2f:3f:28:21:38:d3:6f:be:01:
b3:d2:5d:05:21:17:33:67:0f:b6:86:b8:0e:3a:6f:
aa:fb:3b:27:3e:dd:17:60:1d:b0:f7:bb:92:96:92:
73:e4:0f:15:ae:22:87:9f:54:64:41:16:ac:98:aa:
49:d8:9e:d8:52:68:83:ad:d0:43:f5:b3:12:ad:79:
30:07:cf:53:de:d2:89:8e:bd:93:c7:71:94:8d:eb:
f3:8f:ca:0a:6d:25:3e:9e:47:f5:38:dc:62:e9:24:
4f:92:10:91:a8:3e:b0:48:5c:55:b6:18:1a:24:b1:
eb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:54:1F:E8:30:74:8F:B0:2F:0C:CE:90:7C:38:18:0A:A3:0D:E2:0F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/p1Qf6DB0j7AvDM6QfDgYCqMN4g8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.90.0/24
45.151.90.0/24
79.110.50.0/23
84.54.49.0/24
85.217.145.0/24
87.120.87.0/24
94.156.176.0/24
185.226.175.0/24
193.149.28.0/22
194.49.86.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:a9:ea:34:63:90:6c:e2:c1:9c:fb:14:40:a7:89:65:4e:dc:
72:7b:83:98:70:e7:9f:c6:83:8b:5c:5f:80:83:e3:f4:cc:ba:
e6:fb:ce:17:67:a1:11:c6:bc:ff:83:d5:94:aa:22:3a:dc:95:
78:e4:15:b8:fa:2f:f4:2d:51:22:37:5c:ef:5d:5a:ae:5b:8f:
8e:d2:00:d3:41:5f:8d:c4:9e:51:73:c0:a4:84:21:d2:5b:41:
4a:dd:8a:fa:fd:7d:12:b0:5b:9f:4f:97:4c:79:ae:53:a5:f5:
89:ef:8d:57:02:13:37:71:09:0f:cc:66:14:e1:db:1a:35:e7:
ac:1a:1c:44:14:56:e3:87:d3:ae:60:41:f6:eb:e2:58:4d:0f:
01:7c:11:7e:f1:dc:be:73:b6:c8:df:7a:da:3a:5a:4e:db:0f:
79:38:a5:75:8c:dc:69:68:9e:82:13:52:89:85:b5:3c:79:85:
57:20:49:cd:f2:89:6d:81:3e:af:45:7a:1a:49:ee:33:58:46:
b8:fb:4a:1e:64:7b:ff:52:da:23:82:0a:5f:65:a9:87:6d:b7:
0e:0c:95:d7:dc:f1:a0:87:be:bc:c1:ec:66:6c:fb:f2:49:19:
ac:03:a8:f9:e9:23:d5:7e:5c:6e:2f:f5:9c:d2:1a:fb:d0:99:
b5:5a:40:1b
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYtxT3rfDtCI55sVNciUPrk0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDI3MTMyNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzU0MWZlODMwNzQ4ZmIwMmYwY2NlOTA3YzM4MTgwYWEzMGRlMjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP5APsmc9CemMSsOinOQn70wYhJ2
ChFQnQpoVrWJv7eiX6as36zd1y2p+PowKlOJXQVD2aA7U2nZKGz2m1Mos2gIua6w
QhQ52iDcOkiNL71CnBDarrHaZYdmw+AU31mZDn90jOgyxNoz87FnPRNKTXlBIfcN
z5jmgl+iegaZhmO2ICksK0PtY+Ri91UvPyghONNvvgGz0l0FIRczZw+2hrgOOm+q
+zsnPt0XYB2w97uSlpJz5A8VriKHn1RkQRasmKpJ2J7YUmiDrdBD9bMSrXkwB89T
3tKJjr2Tx3GUjevzj8oKbSU+nkf1ONxi6SRPkhCRqD6wSFxVthgaJLHriQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFKdUH+gwdI+wLwzOkHw4GAqjDeIPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcDFRZjZEQjBqN0F2RE02UWZEZ1lDcU1ONGc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALVRaAwQA
LZdaAwQBT24yAwQAVDYxAwQAVdmRAwQAV3hXAwQAXpywAwQAueKvAwQCwZUcAwQA
wjFWAwQA1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQCfqeo0Y5Bs4sGc+xRAp4llTtxy
e4OYcOefxoOLXF+Ag+P0zLrm+84XZ6ERxrz/g9WUqiI63JV45BW4+i/0LVEiN1zv
XVquW4+O0gDTQV+NxJ5Rc8CkhCHSW0FK3Yr6/X0SsFufT5dMea5TpfWJ741XAhM3
cQkPzGYU4dsaNeesGhxEFFbjh9OuYEH26+JYTQ8BfBF+8dy+c7bI33raOlpO2w95
OKV1jNxpaJ6CE1KJhbU8eYVXIEnN8oltgT6vRXoaSe4zWEa4+0oeZHv/Utojggpf
ZamHbbcODJXX3PGgh768wexmbPvySRmsA6j56SPVflxuL/Wc0hr70Jm1WkAb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:19 2024 by rpki-client on console-fra.rpki-client.org